In this workshop you will get familiar with the basics of BLE security. We will work on a dedicated, readily available BLE hardware nRF devkit device. In a minutes you will turn into embedded developer and learn how to program your own BLE device yourself, using a free web interface and ready templates. Next, from attacker’s perspective, we will cover among others: sniffing, spoofing, MITM, replay and relay. Having enough time, we will play with a collection of vulneraBLE smart locks, sex toys and other devices.
During upcoming Confidence conference in Krakow, we will celebrate 15 years of SecuRing. On this occasion the we will share with you several NFC “research toolkits” hardware sets - that among other things allow to clone card UID and crack Mifare Classic. Come meet us at our booth and solve the NFC challenges to win one!
Also be sure to attend my introductory talk on NFC security “A 2018 practical guide to hacking RFID/NFC” track 1 Jun 4th 11:50am.
Update: slides are available to download here.
You can, quite reasonably, expect smart locks and access control systems to be free from alarming security vulnerabilities - such a common issue for an average IoT device. Well, this training will prove you wrong. After performing multiple hands-on exercises with a dozen of real devices and various technologies, you will never look at the devices the same way. During this course students will perform: wireless sniffing, spoofing, cloning, replay, DoS, authentication and command-injection attacks.